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What is claimed is: 

1 . A method of receiving a password, the method comprising: 
receiving a password routine, the password routine being digitally 

signed using a private key; 

authenticating the password routine using a public key associated with 
the private key; 

storing the password routine in a first area of a memory device, the 
first area of the memory device being unavailable to a memory management unit, the 
memory device including a second area, the second area being available to the 
memory management unit; and 

executing the password routine in a pre-boot environment to receive 

the password. 

2. A method as defined in claim 1, further comprising executing a non- 
trusted device driver in the pre-boot environment. 

3. A method as defined in claim 2, wherein the non-trusted device driver 
is only executed if the password matches a password stored in the first area of the 
memory device. 

4. A method as defined in claim 3, wherein the non-trusted device driver 
is stored in the second area of the memory device. 



5. A method as defined in claim 1 , wherein executing the password 
routine comprises executing the password routine using a processor in a secure mode, 
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the secure mode being a hardware feature of the processor. 
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6. A method as defined in claim 5, wherein the secure mode limits the use 
of input hardware. 

7. A method as defined in claim 6, wherein the secure mode limits the use 
of output hardware. 

8. A method as defined in claim 1 , wherein the password routine calls a 
trusted graphics routine, the trusted graphics routine being digitally signed. 

9. A method as defined in claim 8, wherein the trusted graphics routine 
calls a trusted display driver, the trusted display driver being digitally signed. 

10. A method as defined in claim 1, wherein the password routine calls a 
trusted keyboard driver, the trusted keyboard driver being digitally signed. 

11. A method as defined in claim 1 , wherein the password comprises a 
basic input output system (BIOS) password. 

12. An apparatus to execute a trusted software program in a pre-boot 
environment, the apparatus comprising: 

a memory device including a first memory portion and a second 
memory portion, the first memory portion storing the trusted software program; 

a memory management unit operatively coupled to the memory device, 
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the memory management unit being unable to access the first memory portion, the 
memory management unit being able to access the second memory portion; and 

a processor operatively coupled to the memory device, the processor to 
execute the trusted software program in the pre-boot environment. 

13. An apparatus as defined in claim 12, further comprising a non-trusted 
software program stored in the second memory portion. 

14. An apparatus as defined in claim 13, wherein the processor executes 
the non-trusted software program in the pre-boot environment. 

15. An apparatus as defined in claim 12, wherein the trusted software 
program comprises a hardware driver. 

1 6. An apparatus as defined in claim 1 5, wherein the hardware driver 
comprises a keyboard driver. 

1 7. An apparatus as defined in claim 1 5, wherein the hardware driver 
comprises a display driver. 

1 8. An apparatus as defined in claim 12, wherein the trusted software 
program comprises a graphical user interface display routine. 
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19. An apparatus as defined in claim 12, wherein the trusted software 
program comprises a password collection routine. 

20. An apparatus as defined in claim 12, wherein the processor includes a 
secure mode that limits the use of input hardware and output hardware connected to 
the processor. 

21 . An apparatus as defined in claim 20, wherein the processor executes 
the trusted software program in the pre-boot environment while the processor is in the 
secure mode. 

22. An apparatus to collect a password in a pre-boot environment, the 
apparatus comprising: 

a memory device including a first memory portion and a second 
memory portion, the second memory portion storing a keyboard driver, a display 
driver, graphics routine, and a password collection routine; 

a memory management unit operatively coupled to the memory device, 
the memory management unit being able to access the first memory portion, the 
memory management unit being unable to access the second memory portion; and 

a processor operatively coupled to the memory device, the processor to 
execute the keyboard driver, the display driver, the graphics routine, and the password 
collection routine in the pre-boot environment to collect the password in the pre-boot 
environment. 
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23. An apparatus as defined in claim 22, wherein the keyboard driver, the 
display driver, the graphics routine, and the password collection routine are each 
authenticated using a digital signature. 

24. An apparatus as defined in claim 22, wherein the processor includes a 
secure mode that limits the use of input hardware and output hardware connected to 
the processor. 

25. An apparatus as defined in claim 24, wherein the processor executes 
the keyboard driver, the display driver, the graphics routine, and the password 
collection routine in the pre-boot environment while the processor is in the secure 
mode. 

26. A machine readable medium storing instructions structured to cause a 
machine to: 

receive a password routine, the password routine being digitally signed 
using a private key; 

authenticate the password routine using a public key associated with 
the private key; 

store the password routine in a first area of a memory device, the first 
area of the memory device being unavailable to a memory management unit, the 
memory device including a second area, the second area being available to the 
memory management unit; and 

execute the password routine in a pre-boot environment to receive the 
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password. 

27. A machine readable medium as defined in claim 26, wherein the 
instructions are structured to cause the machine to executing a non-trusted software 
routine in the pre-boot environment, the non-trusted software routine being stored in 
the second area of the memory device. 

28. A machine readable medium as defined in claim 27, wherein the non- 
trusted software routine comprises a legacy driver. 
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